Home Forum Download/Upload Links Search

NetTalk User Group

NetTalk User Group Meeting!
Live Webinar!
Saturday Nov. 16 
7am PST
Click Here To Register!
Home arrow Forum
NetTalk Central
September 18, 2014, 03:46:08 PM *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: Welcome to the NetTalk Central Forums!
 
  Home Help Search Login Register  
  Show Posts
Pages: [1] 2 3 ... 22
1  NetTalk Web Server / Web Server - Ask For Help / Let user insert html text in a field is dangerous? on: September 17, 2014, 07:59:53 AM
Hallo,

I need to make a column of a browse xHTML (by design need to be xHtml) then i realize that the information I will display here it will be taken also from a field where user have access and can insert text or xhtml code... well user doesn't know that but I don't like this. They could inject also javascript code... Is there a way to exclude that field to be xHTML? or a script that will remove xHTML code from that field (if user put some code there) before to be saved on disk?

Thank you,
Robert
2  NetTalk Web Server / Web Server - Ask For Help / Manage SessionQueue and ValueQueue on: September 17, 2014, 06:11:18 AM
Hallo,


It's not very easy to manage this two queue when you doesn't know how NT handle them.. I display in my app some information from SessionQueue ...and I saw strange behavior. From my experience it's very bad idea to store and work with SessionQueue from DCT tables. Bellow it's a scenario:

User table
USE:ID
USE:Name
USE:UserType

When you login you want to story this values from User table in a SessionQueue. Simply you fetch table and then do: p_web.FileToSessionQueue(User) ok, now all values from User table are in a session queue. You can put on the header the UserName , you can filter some browse by USR:ID , you can make restriction by USR:UserType (guest, admin, user, etc..) and you embed like this in your page: <!-- Net:s:USR:UserName --> .ok.
But if you login as admin and try to add a new user (a guest one), and complete the name, type,  and some others fields but then you cancel the form and do something else...now you will have a big surprise. All values you was trying to add are saved and used by your SessionQueue. You will see that your name in header is changed , browse are filtered and all of this because you are a Guest user now. You have to logout and then login again to be admin. And all of this because you was trying to add a guest user and then you decided to abandon the form...NT store automatically all values you complete in a form in a SessionQueue and this values remain there until you will go again to form and add new values or session expires.(they are not local variables....) All the time I was thinking that NT use ValueQueue in a form and not SessionQueue. SessionQueue act like a global variable. Some how this is dangerous. You cannot work with session variables ,...use them in a filter etc..

Maybe was a good ideea to delete all of this variables if a user press cancel and not save button. And also after he save to delete this values from session. I see no reason to remain there. This way we lost control of this session variables and it's not good to use them in application.

A solution to this is to use a prefix like: p_web.FileToSessionQueue(User,,'w-') and now all your variables will become: p_web.GSV('w-USR:UserName') and this way you will not be affected in any way because you have the control and it will never mixed .

I have also a question, where and how is used ValueQueuer? What I was thinking was this ValueQueue are used to store values just for that procedure (like a local variable). But I found in another post that they are available just for that thread...

I would like to know how others handle this and what is the story with ValueQueue?
And YES I would like to read about this in a help/book/manual :-)

Thank you for any suggestion.

Robert



3  NetTalk Web Server / Web Server - Ask For Help / Re: Suggestions for the best method to restrict the number of child records for a pa on: September 12, 2014, 04:01:33 AM
Hallo Bruce,

>p_web.ntBrowse(loc:divname,'disableButton','''[data-do="insert"]''')

This code works ok but how to manage if you have parent - child browse on the same memory form and 2 insert buttons?
Now when I execute this code it will disable both insert buttons..
How can I disable only the insert button I want?

Thank you,
Robert
4  NetTalk Web Server / Web Server - Ask For Help / Re: Lookup problem on: September 11, 2014, 01:42:17 AM
Hallo Bruce,

>Did you read this section, and miss the point about the key, or did you not see it? (real question - the answer helps me make it clearer)
I didn't found the answer on doc... now I found here: http://www.capesoft.com/docs/NetTalk8/NetTalkWebFunctionality.htm#FormFieldLookupSettings
but it will be good to make bold the KEY or to make a small note after with red color...

this part is also little bit confused: "If the foreign table has a key with just the description field in it"  better to see something like "the description field must be a key" and also on the template you can put a small note before or after the field, this will make more clearer the message.

also a bit hard to find in docs... much better to have a search locator for this to search in all docs related to web server.

Thank you,
Robert
5  NetTalk Web Server / Web Server - Ask For Help / Re: Strange Behavior - newbie on: September 05, 2014, 06:11:32 AM
Hallo Jorge,


If your app is small then post here. I think you made something wrong by design but without more information I cannot help. I did not understand what do you want to do...
Please write here step by step what do you want to do and what is not working.
Without more information I cannot help. You don't need to translate your app in English just post here example NT and Clarion is in English Shocked)

Robert
6  NetTalk Web Server / Web Server - Ask For Help / Re: Lookup problem on: September 03, 2014, 10:17:01 PM
Hallo Bruce!

Code:
>In order for "display description instead of value" to work, the lookup-file needs a unique, single component, key on the description field.
There is already a unique, single component, key on the >value field, bu it needs one on the description field as well.

this description MUST be in docs! I search docs but didn't find so if it's there apologies. I never know that the "display description instead of value" must be a key... and I never know why sometimes doesn't work and return the ID instead of name. uhhh (fight with this many times ...hours)
Please maybe you can put a small description on the template under "Description Field:" (need to be a key)

and why description should be a key?


Thank you,
Robert
7  NetTalk Web Server / Web Server - Ask For Help / Re: UPLOAD on: August 26, 2014, 11:58:57 AM
Check on Clarion help for RENAME. I think it should work.

Robert
8  NetTalk Web Server / Web Server - Ask For Help / Re: UPLOAD on: August 26, 2014, 07:25:58 AM
Hallo Walter,


The embed is on WebHandler: RenameFile > before Parent Call

Code:
! RECEIVE TPS OR PHOTOS
!-----------------------------------------------

CASE xExtractExt(clip(UPPER(p_filename)))
 ! Here you can put your condition
 ! I check for extension, but you can check for anything else

 OF 'TPS'
 OF 'JPEG' orof 'BMP' orof 'PNG'
 !do nothing

 OF 'JPG'

 !SSV name photo and path
 !--------------------------------------
  IF p_name = 'l:UploadFile'  !this is the name of upload variable     
     !Here you change the upload folder
       g:NEWPhotoALL = clip(self.site.WebFolderPath) &'\poze\'& p_web.GSV('MEM:ID_Membru') &'.JPG'
       p_filename = ''
       ReturnValue = Parent.RenameFile(p_name,p_filename,g:NEWPhotoALL)
     RETURN ReturnValue
   END
END



Robert
9  NetTalk Web Server / Web Server - Ask For Help / change background and color prompt for required fields on: August 26, 2014, 03:02:37 AM
Hallo,


Is there any way to change the background and color of a prompt when you try validate the record and you have some required fields?
Now the comments become red or if you have no comments it will show a small red cube. I would like to make red the prompt not the comment. Can I change some how this?

Thank you,
Robert
10  NetTalk Web Server / Web Server - Ask For Help / Re: What embed execute Session expire? on: August 21, 2014, 06:32:58 AM
Cool! and this way I don't need that parameter. ;-)  I will put just a link to login page.
Thanks,
Robert
11  NetTalk Web Server / Web Server - Ask For Help / Re: What embed execute Session expire? on: August 21, 2014, 05:53:52 AM
Hallo Bruce,


>>If you use the count-down timer then a URL is triggered when the count-down expires. But that call can have the effect of "touching" the session, and hence extending it for a further period. So the user is told "The session has ended" but in fact the session may actually exist for another cycle (typically 15 minutes.)

This is correct I tested before and I knew after the session expire will open the login form and it will extend again the session with another xx minutes you have setup in template.
For my project it was necessary to know when this session expire because I develop a mechanism to show user online and how much time they spend in one session. My code for logout is on Webhandler > DeleteSession. This works perfect. But when session expire then I have to wait again xx minutes until this embed execute the code so this will not reflect correct time spend for a user in that session.

Now I made a trick. I put a parameter on the link "?sessionexpire=1"

Code:
p_web.Script('startCountDown('& int(p_web.site.SessionExpiryAfterHS/100) &',"'& clip(p_web.site.LoginPage) &'?sessionexpire=1'&'","countdown");')

and I read this parameter on the login page. If true then my code execute. For the moment it works ok.

If anyone have better method please share Shocked)

Thank you,
Robert
12  NetTalk Web Server / Web Server - Ask For Help / Re: Choose default open menu for Accordion on: August 21, 2014, 05:30:48 AM
Perfect!
Thank you Bruce!
Robert
13  NetTalk Web Server / Web Server - Ask For Help / Re: What embed execute Session expire? on: August 20, 2014, 01:37:29 AM
Hallo Kevin,

I put a trace on NotifyDeleteSession method in the webhandler and nothing there... when session expires this method is not called.

Robert
14  NetTalk Web Server / Web Server - Ask For Help / What embed execute Session expire? on: August 19, 2014, 10:44:55 PM
Hallo,


I would like to inject some code in the embed when this code excute.

Code:
[i]  if (p_web.GetSessionLoggedIn() AND p_web.PageName <> clip(p_web.site.LoginPage))
    ! parameter 1 is the session time
    ! parameter 2 is the name of the login page.
    ! parameter 3 is the id of the <div> in the html.
    stt.Trace('== countdown start ==')
    p_web.Script('startCountDown('& int(p_web.site.SessionExpiryAfterHS/100) &',"'& clip(p_web.site.LoginPage) &'","countdown");')
  end"[/i]

How can I detect and what code to write to know if session expire?

Thank you,
Robert
15  NetTalk Web Server / Web Server - Ask For Help / Keep user settings XML or TPS ? on: August 19, 2014, 12:48:55 AM
Hallo,


What is your choice for keep user settings?  XML or TPS?
Keep in mind if you have like 1000 users and more.... I'm thinking to keep them in xml but I think tps will be also easy to maintain.

Thank you for suggestions.

Robert
Pages: [1] 2 3 ... 22
Powered by MySQL Powered by PHP Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com
Valid XHTML 1.0! Valid CSS!

Login Form

Welcome Guest.






Lost Password?
No account yet? Register
home contact search contact search